asterisk is vulnerable to buffer overflow. A stack-based buffer overflow in res_rtp_asterisk.c in Sangoma Asterisk allows an authenticated WebRTC client to cause an Asterisk crash by sending multiple hold/unhold requests in quick succession. This is caused by a signedness comparison mismatch.
CPE | Name | Operator | Version |
---|---|---|---|
asterisk:3.12 | eq | 16.7.0-r0 | |
asterisk:edge | eq | 16.7.0-r0 |